WO2019239815A1 - Secret-key sharing system and secret-key sharing method - Google Patents


Info

Publication number
WO2019239815A1
Authority
WO
WIPO (PCT)
Prior art keywords
secret key
communication
key
secret
optical space
Application number
PCT/JP2019/020022
Inventor
藤原 幹生
佐々木 雅英
武岡 正裕
寛之 遠藤
Original Assignee
国立研究開発法人情報通信研究機構
Application filed by 国立研究開発法人情報通信研究機構
Publication of WO2019239815A1

Classifications

    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/12: Transmitting and receiving encryption devices synchronised or initially set up in a particular manner

Definitions

  • the present invention relates to a secret key sharing system and a secret key sharing method for sharing a secret key between a sender device and an authorized receiver device using optical space communication.
  • QKD: quantum key distribution
  • QKD is a quantum communication method that decodes encoded communication resources using quantum states over a quantum communication channel.
  • the transmitter encodes the input information, using a quantum effect, in an encoder that performs QKD, and transmits the encoded information to a communication path as a communication resource.
  • the receiving party can obtain the target information by receiving the communication resource transmitted to the communication path and decoding it with the decoder (see, for example, Patent Document 1).
  • with QKD, it is possible to share a random number that is information-theoretically secure between two distant parties.
  • the key generation rate is about several k to 1 Mbps when the transmission distance is about 50 to 100 km. For this reason, QKD experiments using satellites have been conducted with the aim of extending the key distribution distance of QKD. For example, in other countries (China), there have been reports of successful key generation between satellites and ground stations that are more than 1200 km away, but in QKD using satellites, the time for which the ground stations can track the satellite is limited. In addition, since it is difficult to increase the speed of a QKD device mounted on a satellite, the key generation rate is at most about 1 kbps.
  • the index value of key security, which serves as the safety parameter, is also set to a numerical value lower than that used in the ground-based fiber-based QKD device. Also, the information theory on which the security is based is not the latest, and there is room for improvement in key security.
  • a method has been proposed and verified in which a virtual eavesdropper with a strong receiving capability is installed near a legitimate receiver device in a line-of-sight communication channel for optical communication, the information it obtains is regarded as the maximum amount of information leaked to a true eavesdropper, and secure key generation is performed (see Non-Patent Document 1, Non-Patent Document 2, for example).
  • the communication channel is monitored with a telescope, a camera, etc., and the security of the key is discussed under the assumption that there are no eavesdroppers on the optical communication line.
  • the monitoring capability of the line-of-sight communication channel with the existing camera is only about 10 cm in size because the image is fluctuated by the atmosphere, and even if space debris monitoring technology is introduced, it is about 10 cm. This is a level at which an object (such as a small photodetector) can be identified (see Non-Patent Document 3, for example).
  • the antenna size must be at least equivalent to a wavelength of 10 cm. Therefore, it is difficult to reduce the size of the detection system as described above. If an eavesdropper installs a detection system on the line-of-sight channel, an antenna at least 10 cm in size is required, so the eavesdropper can easily be found.
  • band limitation and directivity are inferior to those in the case of communication using light.
  • the present invention has been devised in view of the above-described problems, and the object of the present invention is to provide a secret key sharing system and a secret key sharing method that can perform key sharing more safely in a line-of-sight communication channel.
  • the secret key sharing system is a secret key sharing system for sharing a secret key between a sender device and a legitimate receiver device arranged in a line-of-sight communication channel, A key distribution unit that generates a secret key for optical space communication and RF band communication by modulating a random number sequence to be registered, and distributes the generated secret key to an authorized receiver device via optical space communication and RF band communication And a communication secret that receives information on the secret key selected by the authorized receiver device based on the distribution of the key distribution unit and generates an optical space communication secret key and an RF band communication secret key based on the received information.
  • a final secret key to be shared with the authorized receiver device is determined.
  • Final secret key generated And the authorized receiver device receives a secret key distributed via the optical space communication and the RF band communication by the key distribution unit, and selects and transmits the secret key to the sender device. It is characterized by having.
  • the final secret key generation unit generates the final secret key by matching the optical space communication secret key and the RF band communication secret key, each formed of a random number sequence of the same length.
  • a secret key sharing system is a secret key sharing system for sharing a secret key between a sender device and a legitimate receiver device arranged in a line-of-sight communication channel. And generating a plurality of secret keys for optical space communication by superimposing the divided random number sequences, and setting a proper receiver device at the center of the optical space communication beam in advance.
  • a key distribution unit that distributes a plurality of secret keys by beam wandering so as to include the center of the beam, and a plurality of secret keys selected by the authorized receiver device based on distribution by the key distribution unit Then, based on a common random number sequence included in the optical space communication secret key generated by the communication secret key generation unit and the communication secret key generation unit that generates the optical space communication secret key, the sender device and the regular reception key
  • a final secret key generation unit that generates a final secret key to be shared by the receiver device, and the authorized receiver device receives the secret key distributed via the optical space communication by the key distribution unit and It has a transmission part which sorts and transmits to a sender device.
  • a secret key sharing system is characterized in that, in the third invention, the beam wandering range is set and distributed based on the assumed position of the leaked information estimation receiver and the position of the eavesdropper.
  • a secret key sharing method is a secret key sharing method for sharing a secret key between a sender device and a legitimate receiver device arranged in a line-of-sight communication channel.
  • a secret key distributed via optical space communication and RF band communication in the key distribution process is received at the authorized receiver device and is selected and transmitted to the sender device, and is selected by the authorized receiver device.
  • Final secret key generation step for generating a final secret key to be shared between the sender device and the regular receiver device based on a common random number sequence included in the optical space communication secret key and the RF band communication secret key It is characterized by having.
  • a secret key sharing method is a secret key sharing method for sharing a secret key between a sender device and a legitimate receiver device arranged in a line-of-sight communication channel. And generating a plurality of secret keys for optical space communication by superimposing the divided random number sequences, and setting a proper receiver device at the center of the optical space communication beam in advance.
  • a key distribution process for distributing each of a plurality of secret keys by beam wandering so as to include the center of the beam, and a secret key distributed via optical space communication in the key distribution process is received by the regular receiver device. And transmitting the selected secret key to the sender device and receiving the plurality of secret keys selected by the authorized receiver device at the sender device to generate an optical space communication secret key. And generating a final secret key to be shared between the sender device and the regular receiver device based on a common random number sequence included in the optical space communication secret key generated in the communication secret key generation step. And a final secret key generation step.
  • optical space communication and RF band communication are used for quantum cryptography communication between the sender device and the authorized receiver device.
  • a secret key can be shared even in RF communication with a frequency lower than 750 MHz, which cannot be detected by an antenna having a length of 10 cm or less in RF band communication, but cannot be detected by an antenna of 10 cm or less in optical band communication.
  • the result of coding one key with the other key is used as the final key common to the sender device and the authorized receiver device. This makes it possible to eliminate the threats of information leakage to an eavesdropper due to the wide beam divergence angle of RF band communication and of an eavesdropper present on the communication path in optical space communication, so that a common secret key can be shared safely.
  • a final secret key is generated by matching an optical space communication secret key and a radio frequency band communication secret key formed of a random number sequence of the same length. For this reason, the reception capability of an eavesdropper can be limited as compared with channel coding and secret key sharing for optical space communication only or RF band communication only. As a result, even if an eavesdropper is present in the communication path, safe key sharing is possible between the sender device and the authorized receiver device.
  • in the third invention, by changing the central axis of the light beam in the vicinity of the authorized receiver device and transmitting, a plurality of light beams from the sender device are provided, and the range image of the light beam is expanded as a whole. For this reason, it is assumed that the maximum amount of information leaked to the eavesdropper is given, and secure key generation and sharing are possible between the sender device and the authorized receiver device.
  • even when the spread range is large, it is divided into a plurality of ranges, so that the light beam spread angle can be effectively narrowed, and the secret key can be shared safely.
  • the message is divided and transmitted according to the number of times of beam wandering. For this reason, even if only one eavesdropper eavesdrops, the whole picture is not known. Thereby, even if there is an eavesdropper in the communication path, key sharing can be realized safely and at high speed. Furthermore, information leakage due to the light beam divergence angle due to optical space communication can also be suppressed. Thereby, it becomes a very powerful method for realizing the physical layer encryption in the sender apparatus and the authorized receiver apparatus, and the secret key can be shared safely.
  • optical space communication and RF band communication are used for quantum cryptography communication between the sender device and the authorized receiver device. For this reason, a secret key can be shared even in RF communication with a frequency lower than 750 MHz, which cannot be detected by an antenna having a length of 10 cm or less in RF band communication, but cannot be detected by an antenna of 10 cm or less in optical band communication.
  • in the sixth invention, by changing the central axis of the light beam in the vicinity of the authorized receiver device and transmitting, a plurality of light beams from the transmitter device are provided, and the range image of the light beam is expanded as a whole. For this reason, it is assumed that the maximum amount of information leaked to the eavesdropper is given, and secure key generation becomes possible.
  • even when the spread range is large, the light beam spread angle can be effectively narrowed because it is divided into a plurality of ranges, and the secret key can be safely shared between the sender device and the authorized receiver device.
  • FIG. 1 is a schematic diagram showing an example of a secret key sharing system to which the present invention is applied.
  • FIG. 2 is a block diagram showing an example of the configuration of the satellite 1 of the secret key sharing system to which the present invention is applied.
  • FIG. 3 is a block diagram illustrating an example of a secret key sharing system according to the first embodiment.
  • FIG. 4 is a schematic diagram showing an example of secret key sharing operation in the first embodiment.
  • FIG. 5 is a schematic diagram illustrating an example of a secret key sharing system according to the second embodiment.
  • FIG. 6 is a schematic diagram illustrating an example of secret key sharing operation according to the second embodiment.
  • FIG. 7 is a schematic diagram illustrating an example of secret key sharing operation in the second embodiment.
  • FIG. 1 is a schematic diagram showing an example of a secret key sharing system 10 in this embodiment.
  • the secret key sharing system 10 is based on quantum key distribution using the satellite 1, the two ground stations 2 and the antenna 3, and can share secret keys on a global scale.
  • the satellite 1 is a sender device 11, and the ground station 2 and the antenna 3 are regular receiver devices 14.
  • the regular receiver device 14 is the counterpart device with which the sender device 11 actually intends to share a secret key.
  • the legitimate receiver device 14 performs processing such as bit error and error correction according to the reception status, and sorts the secret key distributed from the sender device 11.
  • the ground station 2 in the regular receiver apparatus 14 performs, for example, optical space communication from the satellite 1 with a telescope. Further, the antenna 3 in the regular receiver device 14 performs RF band communication with the satellite 1 using radio waves in the RF band.
  • FIG. 2 is a block diagram showing an example of the configuration of the satellite 1 of the secret key sharing system to which the present invention is applied.
  • the satellite 1 includes a key distribution unit 4, a communication secret key generation unit 5, and a final secret key generation unit 6 as shown in FIG.
  • the key distribution unit 4 includes an optical space communication key distribution unit 41 and an RF band communication key distribution unit 42.
  • the key distribution unit 4 modulates the random number sequence to generate each secret key in the optical space communication key distribution unit 41 and the RF band communication key distribution unit 42, and distributes the generated secret keys to the ground station 2 and the antenna 3 via optical space communication and RF band communication.
  • the optical space communication key distribution unit 41 generates a random number sequence modulated by a physical random number generator mounted on the satellite 1. This random number sequence may be registered in advance.
  • the optical space communication key distribution unit 41 distributes the generated random number sequence to the ground station 2 by optical space communication using the quantum effect.
  • This optical space communication may be transmitted by, for example, a light beam system provided in the satellite 1. In this case, the intensity of the light beam reaching the ground may be determined by the intensity of the light beam, the diaphragm, or the like.
  • the beam light may be distributed while being set so that the position of the ground station 2 becomes the center of the beam light, for example.
  • the RF band communication key distribution unit 42 distributes the random number sequence modulated by the physical random number generator to the antenna 3 by RF band communication.
  • the communication secret key generation unit 5 receives the secret key selected by the authorized recipient device 14 based on the distribution of the key distribution unit 4, and performs secret key matching.
  • the communication secret key generation unit 5 receives information on each secret key selected by the authorized receiver device 14. The communication secret key generation unit 5 matches the results selected based on the information about the secret key. The communication secret key generation unit 5 generates the selected optical space communication secret key and RF band communication secret key.
  • the final secret key generation unit 6 generates the final secret key to be shared with the authorized receiver device 14 based on the common random number sequence included in the optical space communication secret key and the RF band communication secret key generated by the communication secret key generation unit 5.
  • the final secret key generation unit 6 may be included in the authorized recipient device 14.
  • FIG. 3 is a diagram showing an overall configuration when an eavesdropper device 15 enters in a secret key sharing system to which the present invention is applied.
  • FIG. 3 shows a case where there are a plurality of ground stations 2 receiving distribution from the transmitter apparatus 11 corresponding to the satellite 1 described above, one of which is a regular receiver apparatus 14 and the other an eavesdropper apparatus 15.
  • the regular receiver device 14 (the ground station 2 and the antenna 3) performs optical space communication with the transmitter device 11 (satellite 1) via the main communication path 12.
  • the eavesdropper device 15 has a configuration corresponding to at least the ground station 2 and may further have a configuration corresponding to the antenna 3.
  • the eavesdropper device 15 is a device with which the sender device 11 does not want to share the secret key; for the purpose of eavesdropping, the eavesdropper device 15 attempts to intercept the optical space communication and RF band communication from the sender device 11 via the eavesdropper communication path 13.
  • Satellite 1 modulates an intrinsic random number generated by an on-board physical random number generator (not shown) into a quantum state of light and distributes it to ground station 2 by optical space communication. Similarly, the satellite 1 modulates a true random number and transmits it to the antenna 3 by RF band communication. It should be noted that the physical random number generator is held in common with the regular receiver device 14 before the satellite 1 is launched.
  • the ground station 2 and the antenna 3 perform correction processing for deterioration of information distributed by the optical space communication and the RF band communication distributed from the satellite 1 based on the intrinsic random numbers already held.
  • This correction processing is, for example, bit error or error correction.
  • the satellite 1 can generate an optical space communication secret key and an RF band communication secret key based on information (correction information, etc.) related to the secret key transmitted from the authorized receiver device 14, and can hold a common secret key.
  • Satellite 1 receives sorting result information from ground station 2 and antenna 3 through optical space communication and RF band communication.
  • the communication secret key generation unit 5 in the satellite 1 matches the random number sequence distributed by the optical space communication and the RF band communication based on the selection result information. Based on the matching result, an optical space communication secret key and an RF band communication secret key are generated.
  • the final secret key generation unit 6 prepares the same number of bits from the optical space communication secret key and the RF band communication secret key generated at different wavelengths according to the above-described processing. As shown in FIG. 4, the final secret key generation unit 6 calculates, for example, an exclusive OR of the prepared bits of the optical space communication secret key and the RF band communication secret key, and uses the calculated result as the final secret key.
  • the final secret key is calculated by, for example, exclusive OR for each bit in both the optical space communication secret key (Key 1) and the RF band communication secret key (Key 2).
  • a common random number is generated as the final secret key, and this common random number is shared between the sender device 11 and the authorized receiver device 14.
  • the final secret key is generated based on the selection results of the separate communications, optical space communication and RF band communication, between the sender device 11 and the regular receiver device 14. For this reason, even if either optical space communication or RF band communication is intercepted via the eavesdropper device 15, the final secret key cannot be reproduced by the eavesdropper device 15. The authorized recipient device 14 can therefore share the final secret key more safely without being intercepted by the eavesdropper device 15.
  • the satellite 1 as the sender device 11 modulates a true random number generated by an on-board physical random number generator (not shown) into a quantum state of light, and delivers it by optical space communication to the regular receiver device 14 serving as the ground station 2.
  • the authorized receiver device 14 generates a final secret key to be shared with the sender device 11 based on the secret key distributed through the optical space communication.
  • the sender apparatus 11 presets the center of the light beam of the optical space communication with respect to the regular receiver apparatus 14.
  • FIG. 6 shows a setting example of this light beam.
  • the eavesdropper device 15 may be set to be a pseudo, so-called fictitious device.
  • the detection capability of the eavesdropper device 15 is equivalent to that of the regular receiver device 14. Further, the eavesdropper device 15 can receive light with the same energy density as that of the eavesdropper device 15 with respect to one light beam from the transmitter device 11, and other light beams are separated by 1 ⁇ or more. Assume.
  • the beam wandering range is set so as to include the center of the optical beam of optical space communication.
  • the beam wandering light beams 30 to 32 in FIG. 6 are examples in which the center of the light beam for optical space communication is set to the authorized receiver device 14 and is set so as to include the center.
  • the mutual light beams 30 to 32 are set so as not to be completely overlapped, and their centers are set so as to be shifted from the regular receiver apparatus 14.
  • the sender device 11 divides the random number sequence that is actually registered into a plurality of pieces.
  • a plurality of secret keys are generated by superimposing the divided random number sequences.
  • the key distribution unit 4 in the sender apparatus 11 distributes the secret key based on the divided random number sequence to each legitimate receiver apparatus 14 by superimposing it on each light beam to be beam wandered.
  • the random number sequence is divided into three, that is, a divided secret key A, a divided secret key B, and a divided secret key C
  • a secret key is superimposed on each light beam and distributed to the authorized recipient device 14.
  • the divided secret key A is superimposed on the light beam 30
  • the divided secret key B is superimposed on the light beam 31
  • the divided secret key C is superimposed on the light beam 32 for distribution.
  • for the divided secret key A, divided secret key B, and divided secret key C, the key length of the secret key may differ owing to differences in the error rate of each light beam and in the estimated value of the leaked information amount between the transmitter device 11 and the regular receiver device 14 in optical space communication.
  • for this reason, the legitimate receiver apparatus 14 that has received the beam wandered light beams uses, for example, the key length of the shortest secret key among the received divided secret key A, divided secret key B, and divided secret key C as a reference, applies that key length to each secret key, and discards the excess of any longer key.
  • the authorized receiver device 14 extracts a common random number from each exclusive OR based on the divided secret key A, the divided secret key B, and the divided secret key C. Then, the extracted common random number is wandered through the optical space communication and used as the final secret key shared by the authorized recipient device 14.
  • the maximum approach distance of the actual eavesdropper device 15 can be estimated by detecting the amount of leaked information through a pseudo-set leaked information estimation receiver centered on the legitimate receiver device 14.
  • In order for the eavesdropper device 15 to actually receive all of the beam wandered light beams, it would have to approach the same position as the regular receiver device 14 or its immediate vicinity, which in practice is quite difficult to achieve. For this reason, the reception of the light beam by the eavesdropper device 15 becomes incomplete, and it is practically difficult to obtain the final secret key.
  • the legitimate receiver device 14 can more securely share the final secret key without being intercepted by the eavesdropper device 15.
  • the key distribution unit 4 may narrow the beam diameter of the light beam that is actually distributed, and then perform beam wandering. As a result, it is possible to reduce the information leakage accompanying the spread of the beam with extremely high efficiency.
  • the secret key sharing method for sharing the secret key between the sender device and the regular receiver device arranged in the line-of-sight channel in the present embodiment includes the key distribution step in the secret key sharing system 10 described above, By having a transmission step, a communication secret key generation step, and a final secret key generation step, secret key sharing is possible even in RF communication at a frequency lower than 750 MHz that cannot be easily received by an antenna of 10 cm or less in RF band communication. It becomes.
  • 1: Satellite; 2: Ground station; 3: Antenna; 4: Key distribution unit; 5: Communication secret key generation unit; 6: Final secret key generation unit; 10: Secret key sharing system; 11: Sender device; 12: Main communication channel; 13: Eavesdropper communication path; 14: Authorized receiver device; 15: Eavesdropper device; 30, 31, 32: Light beam; 41: Optical space communication key distribution unit; 42: RF band communication key distribution unit; A to C: Divided secret key
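
The exclusive-OR combination described above for Key 1 and Key 2, and for the divided secret keys A, B and C cut to the shortest key length, as an added Python example that is not part of the patent text. The function names and sample keys are assumptions made for illustration, and the enumeration assumes the component keys are independent and uniformly random.

```python
"""Added example: XOR combination of component keys (Key 1 / Key 2, or
divided secret keys A, B, C). All names are illustrative assumptions."""
import secrets
from collections import Counter
from functools import reduce
from itertools import product


def combine_keys(component_keys):
    """Cut every component key to the shortest length, then XOR bytewise."""
    if not component_keys:
        raise ValueError("at least one component key is required")
    n = min(len(k) for k in component_keys)
    if n == 0:
        raise ValueError("a component key is empty, so no final key can be formed")
    final = bytes(n)  # all-zero start value is the XOR identity
    for key in component_keys:
        # key[:n] discards the excess of any key longer than the shortest one
        final = bytes(f ^ k for f, k in zip(final, key[:n]))
    return final


def candidate_final_keys(intercepted, n_missing, n_bits):
    """Final keys an eavesdropper cannot rule out, with multiplicities.

    intercepted: component keys (ints, n_bits wide) the eavesdropper holds.
    n_missing:   number of component keys it did not receive.
    Every value of the missing keys is enumerated, so keep n_bits small.
    """
    known = reduce(lambda a, b: a ^ b, intercepted, 0)
    counts = Counter()
    for guess in product(range(2 ** n_bits), repeat=n_missing):
        counts[known ^ reduce(lambda a, b: a ^ b, guess, 0)] += 1
    return counts


if __name__ == "__main__":
    # Constructed sample keys; the lengths differ, as they may after error
    # correction and leakage estimation on each channel or beam.
    key1 = secrets.token_bytes(32)  # stands in for the optical space communication secret key
    key2 = secrets.token_bytes(40)  # stands in for the RF band communication secret key
    final = combine_keys([key1, key2])
    print("final key:", len(final), "bytes", final.hex())

    # Eavesdropper holds one 4-bit component and misses the other: every
    # 4-bit final key stays equally likely, so the intercept reveals nothing.
    view = candidate_final_keys([0b1010], n_missing=1, n_bits=4)
    print("candidates:", len(view), "multiplicities:", set(view.values()))

    # Eavesdropper holds every component: exactly one candidate remains.
    print(dict(candidate_final_keys([0b1010, 0b0110], n_missing=0, n_bits=4)))
```

The uniform candidate count holds only while at least one whole component key stays out of the eavesdropper's hands; once every component is intercepted, the XOR adds no protection.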

Abstract

[Problem] To provide a secret-key sharing system and a secret-key sharing system method that perform sharing of a secret key between a transmitter device and a formal receiver device by using optical space communication. [Solution] A transmitter device 11 generates a secret key of optical space communication and RF band communication and distributes the secret key to a formal receiver device 14 by the optical space communication and the RF band communication. The transmitter device 11 receives information on the secret key selected by the formal receiver device 14, generates an optical-space communication secret-key and an RF-band communication secret-key, generates a final secret key to be shared with the formal receiver device 14 on the basis of a shared random number sequence included in the generated optical-space communication secret-key and the RF-band communication secret-key, and shares the final secret key with the formal receiver device 14.

Description

Secret key sharing system and secret key sharing method
 The present invention relates to a secret key sharing system and a secret key sharing method for sharing a secret key between a sender device and an authorized receiver device using optical space communication.
 Development toward the realization of quantum computers has been advancing in recent years at research institutions not only in Japan but also overseas, and qubit computers supporting large-capacity qubits are expected to be realized in the future. Such a large-capacity qubit computer can be realized in principle, but it has been said to require enormous processing time. Current encryption methods base their security on the mathematical difficulty of the discrete logarithm problem and prime factorization, but once such a qubit computer is realized, a cipher may be deciphered even though it rests on this mathematical difficulty. This gives rise to threats such as eavesdropping on confidential information by a third party (an eavesdropper). Furthermore, since the performance of computers is improving year by year, advances in computing power and cryptanalysis algorithms may reduce the safety of security technologies such as encryption.
 Quantum key distribution (QKD) has been proposed as a technique for securely sharing an encryption key, as an encryption method that counters the threats described above and eavesdropping by a third party. QKD is a quantum communication method that decodes encoded communication resources using quantum states over a quantum communication channel. The transmitter encodes the input information, using a quantum effect, in an encoder that performs QKD, and transmits the encoded information to a communication path as a communication resource. The receiving party can obtain the target information by receiving the communication resource transmitted to the communication path and decoding it with the decoder (see, for example, Patent Document 1). With QKD, it is possible to share a random number that is information-theoretically secure between two distant parties.
However, current fiber-based QKD is subject to strong limits on the distance and speed at which keys can be provided: at transmission distances of about 50 to 100 km, the key generation rate is only about several k to 1 Mbps. For this reason, QKD experiments using satellites have been carried out with the aim of extending the key distribution distance of QKD. For example, in another country (China), successful key generation between a satellite and a ground station more than 1200 km apart has been reported, but in satellite QKD the time during which the ground station can track the satellite is limited. In addition, because it is difficult to speed up a satellite-borne QKD device, the key generation rate is at most about 1 kbps. The index value of key security, which serves as the security parameter, is also set to a value lower than that used in terrestrial fiber-based QKD devices. Moreover, the information theory on which the security rests is not the latest, and there is room for improvement in key security.
There is a strong demand for technology whose key security is information-theoretic and which allows secure keys to be shared across all of Japan or between continents. Research on physical layer cryptography, which enables key generation that is secure in terms of information processing when the eavesdropper capabilities assumed in QKD can be restricted, has also become active in recent years.
These studies, for example those based on the wiretap model, do not assume the receive-and-resend attack that QKD assumes. Therefore, in physical layer cryptography, if it is possible to know what signal has reached the eavesdropper, a secure key can be generated with the additional use of a public channel. Also, if an unavoidable noise source can be assigned to the eavesdropper, a secret key sharing protocol that enables secure key generation from the difference in signal-to-noise ratio relative to that between the legitimate sender and receiver devices may achieve communication performance superior to QKD.
For example, a method has been proposed and demonstrated in which a virtual eavesdropper with strong receiving capability is placed near the authorized receiver device on a line-of-sight optical communication channel, what it receives is regarded as the maximum amount of information leaked to a true eavesdropper, and secure key generation is performed (see, for example, Non-Patent Document 1 and Non-Patent Document 2). These proposals and demonstrations exploit the characteristics of the line-of-sight channel in optical communication and discuss key security under the assumption that, with the channel monitored by telescopes, cameras and the like, there is no eavesdropper on the line-of-sight channel. However, because of atmospheric fluctuation of the image, the monitoring capability of existing cameras over a line-of-sight channel only allows objects of about 10 cm in size to be identified, and even if space debris monitoring technology were introduced, it would remain at the level of identifying objects of about 10 cm (such as small photodetectors) (see, for example, Non-Patent Document 3).
JP 2004-104345 A (Japanese Unexamined Patent Application Publication No. 2004-104345)
In QKD technology, including Patent Document 1 and Non-Patent Documents 1 to 3 described above, it is assumed that an eavesdropper on the line-of-sight channel can perform any action whatsoever, such as using quantum memory or a quantum computer. As a result, strong limits have to be placed on the key generation speed and the service distance. Moreover, even if an object 10 cm or smaller (such as a small detector) has been installed by an eavesdropper partway along the line-of-sight channel, it cannot be identified, so it is difficult to eliminate the danger or risk of eavesdropping.
In the RF (radio frequency) band, on the other hand, considering an implementation of physical layer cryptography using an RF band below 750 MHz, the antenna must be at least the size corresponding to a wavelength of 10 cm. It is therefore difficult to miniaturize a detection system as described above. If an eavesdropper were to install a detection system on the line-of-sight channel, an antenna at least 10 cm in size would be required, so the eavesdropping would be easy to discover. However, RF band communication using antennas is inferior to communication using light in terms of bandwidth limitation and directivity.
The present invention has been devised in view of the problems described above, and its object is to provide a secret key sharing system and a secret key sharing method capable of sharing keys more securely over a line-of-sight communication channel.
The secret key sharing system according to the first invention is a secret key sharing system that shares a secret key between a sender device and an authorized receiver device arranged on a line-of-sight communication channel. The sender device has: a key distribution unit that generates secret keys for optical space communication and for RF band communication by modulating a registered random number sequence, and distributes the generated secret keys to the authorized receiver device via optical space communication and RF band communication; a communication secret key generation unit that receives information on the secret keys selected by the authorized receiver device on the basis of the distribution by the key distribution unit, and generates an optical space communication secret key and an RF band communication secret key on the basis of the received information; and a final secret key generation unit that generates a final secret key to be shared with the authorized receiver device on the basis of a common random number sequence contained in the optical space communication secret key and the RF band communication secret key generated by the communication secret key generation unit. The authorized receiver device has a transmission unit that receives the secret keys distributed by the key distribution unit via optical space communication and RF band communication, selects them, and transmits the result to the sender device.
The secret key sharing system according to the second invention is characterized in that, in the first invention, the final secret key generation unit generates the final secret key by matching the optical space communication secret key and the RF band communication secret key, which are formed of random number sequences of the same length.
The secret key sharing system according to the third invention is a secret key sharing system that shares a secret key between a sender device and an authorized receiver device arranged on a line-of-sight communication channel. The sender device has: a key distribution unit that divides a registered random number sequence into a plurality of parts, generates a plurality of secret keys for optical space communication on which the divided random number sequences are respectively superimposed, and distributes each of the plurality of secret keys by beam wandering so as to include the center of the beam, with the authorized receiver device set in advance at the center of the beam of the optical space communication; a communication secret key generation unit that receives the plurality of secret keys selected at the authorized receiver device on the basis of the distribution by the key distribution unit, and generates an optical space communication secret key; and a final secret key generation unit that generates a final secret key to be shared by the sender device and the authorized receiver device on the basis of a common random number sequence contained in the optical space communication secret key generated by the communication secret key generation unit. The authorized receiver device has a transmission unit that receives the secret keys distributed by the key distribution unit via optical space communication, selects them, and transmits the result to the sender device.
The secret key sharing system according to the fourth invention is characterized in that, in the third invention, the range of the beam wandering is set for distribution on the basis of the assumed position of a receiver for estimating leaked information and the position of an eavesdropper.
The secret key sharing method according to the fifth invention is a secret key sharing method for sharing a secret key between a sender device and an authorized receiver device arranged on a line-of-sight communication channel. It has: a key distribution step of generating secret keys for optical space communication and for RF band communication by modulating a registered random number sequence, and distributing the generated secret keys from the sender device to the authorized receiver device via optical space communication and RF band communication; a transmission step of receiving, at the authorized receiver device, the secret keys distributed via optical space communication and RF band communication in the key distribution step, selecting them, and transmitting the result to the sender device; a communication secret key generation step of receiving, at the sender device, information on the secret keys selected by the authorized receiver device, and generating an optical space communication secret key and an RF band communication secret key on the basis of the received content; and a final secret key generation step of generating a final secret key to be shared between the sender device and the authorized receiver device on the basis of a common random number sequence contained in the optical space communication secret key and the RF band communication secret key generated in the communication secret key generation step.
The secret key sharing method according to the sixth invention is a secret key sharing method for sharing a secret key between a sender device and an authorized receiver device arranged on a line-of-sight communication channel. It has: a key distribution step of, at the sender device, dividing a registered random number sequence into a plurality of parts, generating a plurality of secret keys for optical space communication on which the divided random number sequences are respectively superimposed, and distributing each of the plurality of secret keys by beam wandering so as to include the center of the beam, with the authorized receiver device set in advance at the center of the beam of the optical space communication; a transmission step of receiving, at the authorized receiver device, the secret keys distributed via optical space communication in the key distribution step, selecting them, and transmitting the result to the sender device; a communication secret key generation step of receiving, at the sender device, the plurality of secret keys selected at the authorized receiver device, and generating an optical space communication secret key; and a final secret key generation step of generating a final secret key to be shared by the sender device and the authorized receiver device on the basis of a common random number sequence contained in the optical space communication secret key generated in the communication secret key generation step.
According to the first to sixth inventions, optical space communication and RF band communication are used for quantum cryptographic communication between the sender device and the authorized receiver device. Therefore, although objects 10 cm or smaller cannot be detected in optical space communication, secret key sharing is also possible in RF communication at frequencies below 750 MHz, which in RF band communication cannot easily be received with an antenna of 10 cm or less. As a result, by taking the result of coding one key with another key as the final key common to the sender device and the authorized receiver device, it becomes possible to eliminate both the information leakage to an eavesdropper that accompanies the wide beam divergence angle of RF band communication and the threat posed by the presence of an eavesdropper on the channel in optical space communication, and the secret key can be shared securely.
In particular, according to the second invention, the final secret key is generated by matching the optical space communication secret key and the radio-frequency band communication secret key, which are formed of random number sequences of the same length. For this reason, the receiving capability of an eavesdropper can be restricted compared with channel coding and secret key sharing that use optical space communication only or RF band communication only. As a result, even if an eavesdropper is present on the channel, the sender device and the authorized receiver device can share a key securely.
In particular, according to the third invention, by transmitting while changing the central axis of the light beam in the vicinity of the authorized receiver device, there are a plurality of light beams from the sender device, and the range covered by the light beams as a whole widens. For this reason, on the assumption that this gives the maximum amount of information leaked to an eavesdropper, the sender device and the authorized receiver device can generate and share a key securely. When the spread range is large, it is divided into a plurality of parts, so the light beam divergence angle can effectively be narrowed, and the secret key can be shared securely.
In particular, according to the fourth invention, the message is divided according to the number of times the beam is wandered and then transmitted. For this reason, even if an eavesdropper intercepts just one part, it cannot learn the whole picture. As a result, even if an eavesdropper is present on the channel, key sharing can be achieved securely and at high speed. Furthermore, information leakage caused by the light beam divergence angle in optical space communication can also be suppressed. This makes it a very powerful technique for realizing physical layer cryptography between the sender device and the authorized receiver device, and the secret key can be shared securely.
In particular, according to the fifth invention, optical space communication and RF band communication are used for quantum cryptographic communication between the sender device and the authorized receiver device. Therefore, although objects 10 cm or smaller cannot be detected in optical space communication, secret key sharing is also possible in RF communication at frequencies below 750 MHz, which in RF band communication cannot easily be received with an antenna of 10 cm or less. As a result, by taking the result of coding one key with another key as the final key, it becomes possible to eliminate both the information leakage to an eavesdropper that accompanies the wide light beam divergence angle of RF band communication and the threat posed by the presence of an eavesdropper on the channel in optical space communication, and the secret key can be shared securely.
In particular, according to the sixth invention, by transmitting while changing the central axis of the light beam in the vicinity of the authorized receiver device, there are a plurality of light beams from the sender device, and the range covered by the light beams as a whole widens. For this reason, on the assumption that this gives the maximum amount of information leaked to an eavesdropper, secure key generation becomes possible. When the spread range is large, it is divided into a plurality of parts, so the light beam divergence angle can effectively be narrowed, and the sender device and the authorized receiver device can share the secret key securely.
FIG. 1 is a schematic diagram showing an example of a secret key sharing system to which the present invention is applied.
FIG. 2 is a block diagram showing an example of the configuration of the satellite 1 of the secret key sharing system to which the present invention is applied.
FIG. 3 is a block diagram showing an example of the secret key sharing system in the first embodiment.
FIG. 4 is a schematic diagram showing an example of the secret key sharing operation in the first embodiment.
FIG. 5 is a schematic diagram showing an example of the secret key sharing system in the second embodiment.
FIG. 6 is a schematic diagram showing an example of the secret key sharing operation in the second embodiment.
FIG. 7 is a schematic diagram showing an example of the secret key sharing operation in the second embodiment.
An example of a secret key sharing system according to an embodiment of the present invention is described below with reference to the drawings.
First Embodiment
FIG. 1 is a schematic diagram showing an example of the secret key sharing system 10 in this embodiment.
As shown in FIG. 1, the secret key sharing system 10 of this embodiment is based on quantum key distribution using a satellite 1, two ground stations 2 and an antenna 3, and enables secret keys to be shared on a global scale. The satellite 1 is the sender device 11, and the ground station 2 and the antenna 3 are the authorized receiver device 14. The authorized receiver device 14 is the counterpart device with which the sender device 11 genuinely wishes to share a secret key.
The authorized receiver device 14 performs processing such as bit-error and error-correction processing according to the reception conditions, and selects the secret keys distributed from the sender device 11. The ground station 2 of the authorized receiver device 14 performs optical space communication with the satellite 1 using, for example, a telescope. The antenna 3 of the authorized receiver device 14 performs RF band communication with the satellite 1 using radio waves in the RF band.
FIG. 2 is a block diagram showing an example of the configuration of the satellite 1 of the secret key sharing system to which the present invention is applied.
As shown in FIG. 2, the satellite 1 includes a key distribution unit 4, a communication secret key generation unit 5, and a final secret key generation unit 6. The key distribution unit 4 includes an optical space communication key distribution unit 41 and an RF band communication key distribution unit 42. By modulating a random number sequence, the key distribution unit 4 generates a secret key in each of the optical space communication key distribution unit 41 and the RF band communication key distribution unit 42, and distributes the generated secret keys to the ground station 2 and the antenna 3 via optical space communication and RF band communication.
The optical space communication key distribution unit 41 generates a modulated random number sequence using the physical random number generator mounted on the satellite 1. This random number sequence may be one registered in advance. The optical space communication key distribution unit 41 distributes the generated random number sequence to the ground station 2 by optical space communication using quantum effects. This optical space communication may be transmitted, for example, by a light beam system provided on the satellite 1. In this case, the range and intensity of the beam light reaching the ground may be determined by the strength of the beam light, its aperture and the like. The beam light may also be distributed while being set so that, for example, the position of the ground station 2 is at the center of the beam light.
The RF band communication key distribution unit 42 distributes the random number sequence modulated by the physical random number generator to the antenna 3 by RF band communication. The communication secret key generation unit 5 receives the secret keys selected by the authorized receiver device 14 on the basis of the distribution by the key distribution unit 4, and matches the secret keys.
The communication secret key generation unit 5 receives information on each secret key selected by the authorized receiver device 14. The communication secret key generation unit 5 matches the selection results on the basis of the information on the secret keys. The communication secret key generation unit 5 then generates the selected optical space communication secret key and RF band communication secret key.
The final secret key generation unit 6 generates the final secret key to be shared with the authorized receiver device 14 on the basis of the common random number sequence contained in the optical space communication secret key and the RF band communication secret key generated by the communication secret key generation unit 5. For example, this final secret key generation unit 6 may be provided in the authorized receiver device 14.
FIG. 3 is a diagram showing the overall configuration of the secret key sharing system to which the present invention is applied in the case where an eavesdropper device 15 intrudes. FIG. 3 shows a case in which there are a plurality of ground stations 2 receiving distribution from the sender device 11 (satellite 1) corresponding to the satellite 1 described above; one is the authorized receiver device 14 and the other is the eavesdropper device 15.
The authorized receiver device 14 (ground station 2, antenna 3) performs optical space communication with the sender device 11 (satellite 1) via the main channel 12. The eavesdropper device 15 has at least a configuration corresponding to the ground station 2, and may also have a configuration corresponding to the antenna 3. The eavesdropper device 15 is a device with which the sender device 11 does not wish to share the secret key; for the purpose of eavesdropping, it attempts to intercept the optical space communication and RF band communication from the sender device 11 via the eavesdropper channel 13.
Next, the operation of the secret key sharing system 10 to which the present invention is applied is described.
The satellite 1 modulates true random numbers generated by its on-board physical random number generator (not shown) into quantum states of light and distributes them to the ground station 2 by optical space communication. The satellite 1 likewise modulates true random numbers and transmits them to the antenna 3 by RF band communication. Note that, before the satellite 1 is launched, the physical random number generator is arranged to be one held in common with the authorized receiver device 14 side.
The ground station 2 and the antenna 3 perform, on the basis of the true random numbers they already hold, processing to correct the degradation of the information distributed from the satellite 1 by optical space communication and RF band communication. This correction processing is, for example, bit-error or error-correction processing. As a result, the satellite 1 can generate the optical space communication secret key and the RF band communication secret key on the basis of the information on the secret keys (correction information and the like) transmitted from the authorized receiver device 14, and a common secret key can be held.
The satellite 1 receives selection result information from the ground station 2 and the antenna 3 through optical space communication and RF band communication. On the basis of the selection result information, the communication secret key generation unit 5 in the satellite 1 matches the random number sequences distributed by optical space communication and RF band communication. It then generates the optical space communication secret key and the RF band communication secret key on the basis of the matching result.
The final secret key generation unit 6 prepares the same number of bits from the optical space communication secret key and from the RF band communication secret key, which were generated at different wavelengths by the processing described above. As shown in FIG. 4, the final secret key generation unit 6 computes, for example, the exclusive OR of the prepared bits of the optical space communication secret key and the RF band communication secret key, and takes the result as the final secret key.
The final secret key is calculated, for example, as the exclusive OR of each pair of corresponding bits in the optical space communication secret key (Key1) and the RF band communication secret key (Key2). A common random number is thereby generated as the final secret key, and this common random number is shared between the sender device 11 and the authorized receiver device 14.
Thus, according to the first embodiment, optical space communication and RF band communication are used between the sender device 11 and the authorized receiver device 14, and the final secret key is generated on the basis of the selection results of the two separate communications. For this reason, even if either the optical space communication or the RF band communication is intercepted via the eavesdropper device 15, the eavesdropper device 15 cannot reproduce the final secret key. The authorized receiver device 14 can therefore share the final secret key more securely, without it being intercepted by the eavesdropper device 15.
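The final-key step of the first embodiment, as an added Python example that is not part of the patent text: both sides keep only the selected bits of each channel, XOR Key1 with Key2, and an enumeration shows what an eavesdropper holding all of Key1 but none of Key2 can still rule out. Modelling the receiver's selection as a list of usable bit positions, the seeded PRNG, and all function names are assumptions made for this illustration.

```python
"""Added illustration of the first embodiment's final-key step (Key1 XOR Key2).

Assumptions not taken from the patent text: the receiver's "selection" is
modelled as a list of usable bit positions reported back to the sender, and
the random bits come from a seeded PRNG so the run is repeatable. A real
system would use the physical random number generator the text describes.
"""
import itertools
import random


def select(bits, kept_positions):
    """Keep only the bits at the positions the receiver reported as usable."""
    return [bits[i] for i in kept_positions]


def final_key(key1, key2):
    """XOR the same number of bits from the optical key and the RF key."""
    n = min(len(key1), len(key2))
    return [a ^ b for a, b in zip(key1[:n], key2[:n])]


def run_exchange(seed=2019, n=64, keep_optical=0.7, keep_rf=0.8):
    """Simulate one key-sharing round over the two channels (constructed data)."""
    rng = random.Random(seed)
    sent_optical = [rng.getrandbits(1) for _ in range(n)]
    sent_rf = [rng.getrandbits(1) for _ in range(n)]

    # Receiver side: some positions are lost on each channel; the rest are
    # assumed to be decoded correctly after error correction.
    kept_optical = [i for i in range(n) if rng.random() < keep_optical]
    kept_rf = [i for i in range(n) if rng.random() < keep_rf]
    recv_key1 = [sent_optical[i] for i in kept_optical]
    recv_key2 = [sent_rf[i] for i in kept_rf]

    # Only the position lists travel back to the sender, never the bit values.
    send_key1 = select(sent_optical, kept_optical)
    send_key2 = select(sent_rf, kept_rf)

    return {
        "sender_final": final_key(send_key1, send_key2),
        "receiver_final": final_key(recv_key1, recv_key2),
        "key1": send_key1,
        "key2": send_key2,
    }


def candidates_given_key1(key1):
    """Final keys still possible for an eavesdropper who holds all of Key1
    but nothing of Key2: enumerate every Key2 of the same length."""
    n = len(key1)
    return {tuple(final_key(key1, list(k2)))
            for k2 in itertools.product((0, 1), repeat=n)}


if __name__ == "__main__":
    result = run_exchange()
    assert result["sender_final"] == result["receiver_final"]
    print("final key length:", len(result["sender_final"]))
    # With an 8-bit Key1 fully known, all 2**8 final keys remain possible.
    print("candidates:", len(candidates_given_key1(result["key1"][:8])))
```

The enumeration covers only the case where one key is wholly unknown to the eavesdropper. Any bit position at which the eavesdropper knows both the Key1 bit and the Key2 bit gives the corresponding final-key bit directly.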
Second Embodiment
A second embodiment of the secret key sharing system 10 to which the present invention is applied is described below. In the second embodiment, components and members identical to those of the first embodiment described above are given the same reference numerals, and their description is omitted below.
In the second embodiment, as shown in FIG. 5, only the satellite 1 is used as the sender device 11 and only the ground station 2 is used as the authorized receiver device 14. A configuration for generating the final key is implemented in advance in the authorized receiver device 14.
The satellite 1, acting as the sender device 11, modulates true random numbers generated by an on-board physical random number generator (not shown) onto quantum states of light and distributes them by optical space communication to the authorized receiver device 14, which is the ground station 2. The authorized receiver device 14 generates the final secret key to be shared with the sender device 11 based on the secret key distributed through optical space communication.
The optical space communication method of the second embodiment is described in detail below.
The sender device 11 sets the center of the optical space communication light beam in advance with respect to the authorized receiver device 14. FIG. 6 shows an example of this light beam setting. When setting the light beam, the center of the optical space communication light beam, the position of the authorized receiver device 14, and the position of the eavesdropper device 15 are taken into account. The eavesdropper device 15 may be a simulated, that is, hypothetical one.
In the following example, the detection capability of the eavesdropper device 15 is assumed to be equal to that of the authorized receiver device 14. It is also assumed that, for one light beam from the sender device 11, the eavesdropper device 15 can receive light at the same energy density as the eavesdropper device 15, and that for the other light beams it is 1σ or more away.
Under these assumptions, the beam wandering range is set so as to include the center of the optical space communication light beam. The beam-wandering light beams 30 to 32 in FIG. 6 are an example in which the center of the optical space communication light beam is set on the authorized receiver device 14 and each beam is set so as to include that center. The light beams 30 to 32 are set so that they do not completely overlap one another, and their centers are offset from the authorized receiver device 14.
In the second embodiment, the sender device 11 divides the random number sequence that is actually registered into a plurality of pieces. It then generates a plurality of secret keys on which the divided random number sequences are respectively superimposed. The key distribution unit 4 in the sender device 11 superimposes each secret key based on the divided random number sequence on one of the beam-wandered light beams and distributes it to the authorized receiver device 14.
For example, as shown in FIG. 7, when the random number sequence is divided into three parts, divided secret key A, divided secret key B, and divided secret key C, at least three beam-wandered light beams are set, and a secret key is superimposed on each light beam and distributed to the authorized receiver device 14. In the example of FIG. 7, divided secret key A is superimposed on light beam 30, divided secret key B on light beam 31, and divided secret key C on light beam 32 for distribution.
The key lengths of divided secret keys A, B, and C may differ, because the error rate and the estimated amount of leaked information differ from light beam to light beam between the sender device 11 and the authorized receiver device 14 in optical space communication. For this reason, the authorized receiver device 14 that has received the beam-wandered light beams takes, for example, the shortest key length among the received divided secret keys A, B, and C as the reference, treats it as the key length obtained for each secret key, and discards key material longer than that.
The authorized receiver device 14 then extracts a common random number from the exclusive OR of divided secret keys A, B, and C. The extracted common random number is used as the final secret key that is wandered via optical space communication and shared with the authorized receiver device 14.
As shown in FIG. 6, by detecting the amount of leaked information through leaked-information estimation receivers set up in a simulated manner around the authorized receiver device 14, the maximum approach distance of an actual eavesdropper device 15 can be estimated. To generate the final secret key, all of the divided secret keys must be acquired accurately and at high intensity. In other words, if even one of the divided secret keys is missing, the final secret key cannot be generated.
For the eavesdropper device 15 to actually receive all of the beam-wandered light beams, it would have to be at the same position as the authorized receiver device 14 or approach its immediate vicinity, which is quite difficult to achieve in practice. Reception of the light beams by the eavesdropper device 15 is therefore incomplete, and obtaining the final secret key is practically difficult.
Accordingly, the authorized receiver device 14 can share the final secret key more securely, without interception by the eavesdropper device 15.
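The XOR combination used in both embodiments (Key1 and Key2 in the first, divided secret keys A, B, and C in the second) can be checked with the following Python sketch, which is an added example and not part of the patent. The function names and the sample bit strings are hypothetical, keys are modelled as lists of bits, and the check enumerates what an eavesdropper who missed one beam can conclude.

```python
"""XOR key combination as in the two embodiments (illustrative sketch)."""
from functools import reduce
from itertools import product

# Constructed sample keys (not from the patent). The lengths differ on
# purpose, as the description says per-beam key lengths may differ.
KEY_A = [1, 0, 1, 1, 0, 0, 1, 0, 1, 1, 0, 1]   # beam 30, 12 bits
KEY_B = [0, 1, 1, 0, 1, 0, 0, 1]               # beam 31, 8 bits
KEY_C = [1, 1, 0, 0, 0, 1, 1, 0, 1, 0]         # beam 32, 10 bits


def xor_bits(a, b):
    """Bitwise XOR of two equal-length bit lists."""
    if len(a) != len(b):
        raise ValueError("keys must have the same length")
    return [x ^ y for x, y in zip(a, b)]


def combine_keys(keys):
    """Truncate every key to the shortest length, then XOR them all.

    With two keys this is the first embodiment (Key1 XOR Key2); with
    three it is the second embodiment (A XOR B XOR C).
    """
    if not keys:
        raise ValueError("at least one key is required")
    n = min(len(k) for k in keys)
    if n == 0:
        # A divided key that was not received at all leaves nothing to combine.
        raise ValueError("a missing key makes the final key impossible")
    return reduce(xor_bits, (k[:n] for k in keys))


def candidates_given_partial(known_keys, n):
    """Final keys consistent with a view in which exactly one key is missing.

    The eavesdropper XORs what it captured and must then try every value
    of the missing n-bit key; the set of resulting final keys is returned.
    """
    partial = reduce(xor_bits, (k[:n] for k in known_keys))
    return {tuple(xor_bits(partial, list(missing)))
            for missing in product((0, 1), repeat=n)}


if __name__ == "__main__":
    final = combine_keys([KEY_A, KEY_B, KEY_C])
    print("final key (A^B^C, truncated to 8 bits):", final)
    print("first-embodiment style (two keys):", combine_keys([KEY_A, KEY_B]))
    view = candidates_given_partial([KEY_A, KEY_B], len(final))
    print("candidates left to an eavesdropper missing C:", len(view))
```

The eavesdropper's candidate set covers all 256 possible 8-bit keys only if the missing key is uniformly random and independent of the captured ones.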
The key distribution unit 4 may also narrow the beam diameter of the light beam actually distributed and then beam-wander it. This makes it possible to reduce, very efficiently, the information leakage that accompanies beam spreading.
The secret key sharing method of this embodiment, which shares a secret key between a sender device and an authorized receiver device arranged on a line-of-sight channel, comprises the key distribution step, the transmission step, the communication secret key generation step, and the final secret key generation step of the secret key sharing system 10 described above. This makes secret key sharing possible even in RF communication at frequencies lower than 750 MHz, which in RF band communication cannot easily be received with an antenna of 10 cm or less.
Thus, by using the result of coding one key with another key as the final key, it becomes possible to eliminate both the information leakage to an eavesdropper that accompanies the wide light beam divergence angle of RF band communication and the threat posed by the presence of an eavesdropper on the channel in optical space communication, so that the secret key can be shared safely.
Although embodiments of the present invention have been described, each embodiment is presented as an example and is not intended to limit the scope of the invention. These novel embodiments can be implemented in various other forms, and various omissions, replacements, and changes can be made without departing from the gist of the invention. These embodiments and their modifications are included in the scope and gist of the invention, and in the invention described in the claims and its equivalents.
1: Satellite
2: Ground station
3: Antenna
4: Key distribution unit
5: Communication secret key generation unit
6: Final secret key generation unit
10: Secret key sharing system
11: Sender device
12: Main communication channel
13: Eavesdropper communication channel
14: Authorized receiver device
15: Eavesdropper device
30, 31, 32: Light beam
41: Optical space communication key distribution unit
42: RF band communication key distribution unit
A to C: Divided secret key

Claims (6)

  1.  A secret key sharing system for sharing a secret key between a sender device and an authorized receiver device arranged on a line-of-sight channel, wherein
     the sender device comprises:
     a key distribution unit that transmits a random number sequence using optical space communication and RF band communication, generates respective secret keys, and distributes the generated secret keys to the authorized receiver device via optical space communication and RF band communication;
     a communication secret key generation unit that receives information on the secret keys selected by the authorized receiver device based on the distribution by the key distribution unit, and generates an optical space communication secret key and an RF band communication secret key based on the received content; and
     a final secret key generation unit that generates a final secret key to be shared with the authorized receiver device based on a common random number sequence included in the optical space communication secret key and the RF band communication secret key generated by the communication secret key generation unit, and
     the authorized receiver device comprises
     a transmission unit that receives the secret keys distributed by the key distribution unit via optical space communication and RF band communication, selects them, and transmits them to the sender device.
  2.  The secret key sharing system according to claim 1, wherein
     the final secret key generation unit generates the final secret key by matching the optical space communication secret key and the RF band communication secret key, each formed of a random number sequence of the same length.
  3.  A secret key sharing system for sharing a secret key between a sender device and an authorized receiver device arranged on a line-of-sight channel, wherein
     the sender device comprises
     a key distribution unit that divides a random number sequence into a plurality of pieces, generates a plurality of secret keys for optical space communication on which the divided random number sequences are respectively superimposed, and distributes each of the plurality of secret keys by beam wandering so as to include the center of the beam of the optical space communication while setting the authorized receiver device at the center of the beam in advance, and
     the authorized receiver device comprises
     a final secret key generation unit that generates a final secret key to be shared with the sender device based on the secret key included in each light beam distributed by the key distribution unit via optical space communication.
  4.  The secret key sharing system according to claim 3, wherein
     the key distribution unit sets the range of the beam wandering for distribution based on the assumed position of a leaked-information estimation receiver and the position of an eavesdropper.
  5.  A secret key sharing method for sharing a secret key between a sender device and an authorized receiver device arranged on a line-of-sight channel, the method comprising:
     a key distribution step of generating respective secret keys for optical space communication and RF band communication by modulating a random number sequence, and distributing the generated secret keys from the sender device to the authorized receiver device via optical space communication and RF band communication;
     a transmission step of receiving, at the authorized receiver device, the secret keys distributed via optical space communication and RF band communication in the key distribution step, selecting them, and transmitting them to the sender device;
     a communication secret key generation step of receiving, at the sender device, information on the secret keys selected by the authorized receiver device, and generating an optical space communication secret key and an RF band communication secret key based on the received content; and
     a final secret key generation step of generating a final secret key to be shared between the sender device and the authorized receiver device based on a common random number sequence included in the optical space communication secret key and the RF band communication secret key generated in the communication secret key generation step.
  6.  A secret key sharing method for sharing a secret key between a sender device and an authorized receiver device arranged on a line-of-sight channel, the method comprising:
     a key distribution step of, at the sender device, dividing a random number sequence into a plurality of pieces, generating a plurality of secret keys for optical space communication on which the divided random number sequences are respectively superimposed, and distributing each of the plurality of secret keys by beam wandering so as to include the center of the beam of the optical space communication while setting the authorized receiver device at the center of the beam in advance; and
     a final secret key generation step of generating a final secret key to be shared with the sender device based on the secret key included in each light beam distributed to the authorized receiver device via optical space communication in the key distribution step.
PCT/JP2019/020022 2018-06-15 2019-05-21 Secret-key sharing system and secret-key sharing method WO2019239815A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
JP2018-114838 2018-06-15
JP2018114838A JP7120607B2 (en) 2018-06-15 2018-06-15 Secret key sharing system and secret key sharing method

Publications (1)

Publication Number Publication Date
WO2019239815A1 true WO2019239815A1 (en) 2019-12-19

Family

ID=68842531

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/JP2019/020022 WO2019239815A1 (en) 2018-06-15 2019-05-21 Secret-key sharing system and secret-key sharing method

Country Status (2)

Country Link
JP (1) JP7120607B2 (en)
WO (1) WO2019239815A1 (en)

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2006042174A (en) * 2004-07-29 2006-02-09 Doshisha Communication system
JP2012034026A (en) * 2010-07-28 2012-02-16 Buffalo Inc Encryption key sharing method, radio terminal, and access point
JP2018074253A (en) * 2016-10-25 2018-05-10 国立研究開発法人情報通信研究機構 Encryption key sharing system via unmanned aircraft, signal transmission system by unmanned aircraft, and unmanned aircraft

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
ENDO HIROYUKI : "Channel estimation experiment for physical layer cryptography in free-space optical communication", JOURNAL OF THE NATIONAL INSTITUTE OF INFORMATION AND COMMUNICATIONS TECHNOLOGY, vol. 63, no. 1, October 2017 (2017-10-01), pages 27 - 34 *

Also Published As

Publication number Publication date
JP2019220762A (en) 2019-12-26
JP7120607B2 (en) 2022-08-17

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 19819830

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 19819830

Country of ref document: EP

Kind code of ref document: A1